Your privacy matters. This policy explains what data we collect, why we collect it, how we use it, and your rights under GDPR and Irish/EU data protection laws.
We collect only the data we need to deliver your subscription — mainly your WhatsApp number, email, and payment info. We do NOT sell your data, do not track what you watch, and do not share information with advertisers. You have full rights to access, correct, or delete your data at any time.
Emerald Stream ("we", "us", "our") is committed to protecting your privacy and ensuring transparency about how we handle your personal data. This Privacy Policy explains what information we collect when you use our IPTV service, how we process it, and what rights you have regarding your data.
This Privacy Policy applies to all users of our website (emeraldstream.irish) and our IPTV subscription service. It is designed to comply with:
By using our service, you confirm that you have read, understood, and agree to the practices described in this Privacy Policy.
Emerald Stream is an IPTV service provider based in Ireland. For the purposes of GDPR, we are the Data Controller of any personal data you provide to us.
We collect only the minimum data needed to deliver and support our service. Here's exactly what we collect:
| Category | Data | When Collected |
|---|---|---|
| Contact Info | Name (optional), WhatsApp number, email address | When you subscribe or contact us |
| Account Data | Username, password (hashed), subscription plan, device count, expiry date | When subscription created |
| Payment Info | Transaction ID, amount, payment method, date (processed by payment provider — we do NOT store card details) | At time of purchase |
| Device Data | MAC address (for MAG/Smart TV setups), device type, IP address | During setup & active streaming |
| Communication | WhatsApp/email conversations, support tickets | When you message us |
| Website Analytics | Page views, click events, referrer, browser type, anonymised IP | While browsing our website |
| Cookies | See our Cookie Policy | While browsing our website |
We use your personal data exclusively for the following purposes:
Under GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal grounds:
| Lawful Basis | When We Use It |
|---|---|
| Contractual Necessity | To create your account, deliver credentials, process payments, and provide ongoing service — these are necessary to fulfil our contract with you. |
| Legitimate Interest | To analyse anonymous website usage, prevent fraud, send service announcements, and improve our offering. |
| Legal Obligation | To retain certain transactional data for tax/accounting purposes (typically 7 years under Irish law). |
| Consent | For non-essential cookies, marketing communications (where applicable), and any optional data collection. |
We do not sell your data. We only share it with trusted third parties who help us deliver our service. Here's exactly who we share data with and why:
| Third Party | Purpose | Data Shared |
|---|---|---|
| WhatsApp (Meta) | Customer communication | Phone number, messages |
| Payment Processors | Process subscription payments | Name, email, payment amount (card data handled by them, not us) |
| Google Analytics 4 | Anonymised website analytics | Anonymised IP, page views, click events |
| Google Tag Manager | Tag deployment for analytics | Anonymised event data |
| Web Hosting Provider | Hosting our website and servers | Standard server logs (IP, browser, request data) |
| Email Provider (Gmail) | Send/receive customer emails | Email content & metadata |
| Legal Authorities | Only if legally required by court order | Whatever is legally requested |
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy:
| Data Type | Retention Period |
|---|---|
| Active subscription account data | Duration of active subscription + 90 days |
| Expired subscription account data | Deleted within 90 days of expiry (unless retained for legal reasons) |
| Payment transaction records | 7 years (required by Irish tax law) |
| WhatsApp/email support conversations | Up to 2 years for service quality and dispute resolution |
| Website analytics (anonymised) | 14 months (default GA4 retention) |
| Server access logs | 30 days |
After the retention period expires, we securely delete or anonymise your data. You may request earlier deletion at any time (see your rights below).
As a data subject under GDPR, you have the following rights regarding your personal data. You can exercise any of these by contacting us at [email protected] or via WhatsApp:
Request a copy of all personal data we hold about you. We'll provide this within 30 days, free of charge.
Correct any inaccurate or incomplete personal data we hold about you.
Request deletion of your personal data (subject to legal retention obligations).
Ask us to pause processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format for transfer elsewhere.
Object to processing based on legitimate interests, including direct marketing.
Not be subject to decisions based solely on automated processing.
Withdraw any consent you previously gave, at any time.
Our website uses cookies and similar technologies to enhance your experience and analyse usage. For full details on what cookies we use and how to manage them, please see our dedicated Cookie Policy.
You can change your cookie preferences at any time through our cookie consent banner.
We take data security seriously and implement appropriate technical and organisational measures to protect your personal data, including:
Some of the third parties we use (such as Google Analytics, WhatsApp/Meta) may process data outside the European Economic Area (EEA). When this happens, we ensure adequate safeguards are in place, including:
Your data is treated with the same level of protection regardless of where it's processed.
If you believe a child under 18 has provided us with personal data, please contact us immediately at [email protected] and we will delete the data and the associated account.
By using our service, you confirm that you are at least 18 years of age (or the legal age of majority in your jurisdiction).
We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or business operations. When we make material changes:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
If you have a concern about how we handle your personal data, we encourage you to contact us first so we can address it directly. However, you also have the right to lodge a complaint with the Irish Data Protection Commission:
If you are based outside Ireland but within the EU, you also have the right to lodge a complaint with your local supervisory authority.
If you have questions about this Privacy Policy or wish to exercise any of your data rights, please contact us:
For privacy-specific inquiries, please mark your message as "Privacy Request" so we can route it appropriately. We respond to all privacy-related requests within 30 days as required by GDPR.
